diff --git a/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/disk_encryption.py b/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/disk_encryption.py
index df5ec216888..7a57941ba9a 100644
--- a/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/disk_encryption.py
+++ b/src/command_modules/azure-cli-vm/azure/cli/command_modules/vm/disk_encryption.py
@@ -69,7 +69,9 @@ def enable(resource_group_name, vm_name,  # pylint: disable=too-many-arguments,t
     if is_linux:
         image_reference = getattr(vm.storage_profile, 'image_reference', None)
         if image_reference:
-            _check_encrypt_is_supported(image_reference, volume_type)
+            result, message = _check_encrypt_is_supported(image_reference, volume_type)
+            if not result:
+                logger.warning(message)
 
     # sequence_version should be unique
     sequence_version = uuid.uuid4()
@@ -310,7 +312,7 @@ def _check_encrypt_is_supported(image_reference, volume_type):
 
     # custom image?
     if not offer or not publisher or not sku:
-        return True
+        return (True, None)
 
     supported = [
         {
@@ -347,11 +349,12 @@ def _check_encrypt_is_supported(image_reference, volume_type):
         },)
 
     for image in supported:
-        if (image['publisher'] == publisher and
-                image['sku'] == sku and
-                image['offer'].lower().startswith(offer.lower())):
-            return True
+        if (image['publisher'].lower() == publisher.lower() and
+                sku.lower().startswith(image['sku'].lower()) and
+                offer.lower().startswith(image['offer'].lower())):
+            return (True, None)
 
     sku_list = ['{} {}'.format(a['offer'], a['sku']) for a in supported]
-    message = "Encryption is not suppored for current VM. Supported are '{}'".format(sku_list)
-    raise CLIError(message)
+    # pylint: disable=line-too-long
+    message = "Encryption might fail as current VM uses a distro not in the known list, which are '{}'".format(sku_list)
+    return (False, message)
diff --git a/src/command_modules/azure-cli-vm/tests/test_custom_vm_commands.py b/src/command_modules/azure-cli-vm/tests/test_custom_vm_commands.py
index b6ff5ac3118..7ea9fe5ab20 100644
--- a/src/command_modules/azure-cli-vm/tests/test_custom_vm_commands.py
+++ b/src/command_modules/azure-cli-vm/tests/test_custom_vm_commands.py
@@ -15,7 +15,7 @@
                                                  _WINDOWS_ACCESS_EXT)
 from azure.cli.command_modules.vm.custom import \
     (attach_unmanaged_data_disk, detach_data_disk, get_vmss_instance_view)
-from azure.cli.command_modules.vm.disk_encryption import enable, disable
+from azure.cli.command_modules.vm.disk_encryption import enable, disable, _check_encrypt_is_supported
 from azure.mgmt.compute.models import (NetworkProfile, StorageProfile, DataDisk, OSDisk,
                                        OperatingSystemTypes, InstanceViewStatus,
                                        VirtualMachineExtensionInstanceView,
@@ -234,13 +234,6 @@ def test_enable_encryption_error_cases_handling(self, mock_get_keyvault_key_url,
 
         self.assertTrue("--aad-client-id or --aad-client-cert-thumbprint" in str(context.exception))
 
-        # throw when the linux image does not support encryptions
-        vm.storage_profile.image_reference = ImageReference(publisher='OpenLogic', offer='centos', sku='7.1')
-        with self.assertRaises(CLIError) as context:
-            enable('rg1', 'vm1', 'client_id', faked_keyvault, 'client_secret', volume_type='DATA')
-
-        self.assertTrue("Encryption is not suppored for current VM. Supported are" in str(context.exception))
-
     @mock.patch('azure.cli.command_modules.vm.disk_encryption.set_vm', autospec=True)
     @mock.patch('azure.cli.command_modules.vm.disk_encryption._compute_client_factory', autospec=True)
     def test_disable_encryption_error_cases_handling(self, mock_compute_client_factory, mock_vm_set):  # pylint: disable=unused-argument
@@ -274,6 +267,27 @@ def test_disable_encryption_error_cases_handling(self, mock_compute_client_facto
         vm_extension.instance_view.substatuses[0].message = '{}'
         disable('rg1', 'vm1', 'DATA')
 
+    def test_encryption_distro_check(self):
+        image = ImageReference(None, 'canonical', 'ubuntuserver', '16.04.0-LTS')
+        result, msg = _check_encrypt_is_supported(image, 'data')
+        self.assertTrue(result)
+        self.assertEqual(None, msg)
+
+        image = ImageReference(None, 'OpenLogic', 'CentOS', '7.2n')
+        result, msg = _check_encrypt_is_supported(image, 'data')
+        self.assertTrue(result)
+        self.assertEqual(None, msg)
+
+        image = ImageReference(None, 'OpenLogic', 'CentOS', '7.2')
+        result, msg = _check_encrypt_is_supported(image, 'all')
+        self.assertFalse(result)
+        self.assertEqual(msg,
+                         "Encryption might fail as current VM uses a distro not in the known list, which are '['RHEL 7.2', 'RHEL 7.3', 'CentOS 7.2n', 'Ubuntu 14.04', 'Ubuntu 16.04']'")
+
+        image = ImageReference(None, 'OpenLogic', 'CentOS', '7.2')
+        result, msg = _check_encrypt_is_supported(image, 'data')
+        self.assertTrue(result)
+
     def test_merge_secrets(self):
         secret1 = [{
             'sourceVault': {'id': '123'},